CVE-2020-22724

Опубликовано: 14 окт. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1.

Ссылки

https://cwe.mitre.org/data/definitions/78.html
Third Party Advisory
https://github.com/DarkEyeR/CVE_Apply/blob/master/Mercury/Mercury%20MER1200%20Router%20v1.0.1%20RCE%20%20.md
Exploit
Third Party Advisory
https://cwe.mitre.org/data/definitions/78.html
Third Party Advisory
https://github.com/DarkEyeR/CVE_Apply/blob/master/Mercury/Mercury%20MER1200%20Router%20v1.0.1%20RCE%20%20.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:mercury:mer1200_firmware:1.0.1:*:*:*:*:*:*:*

cpe:2.3:h:mercury:mer1200:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:mercury:mer1200g_firmware:1.0.1:*:*:*:*:*:*:*

cpe:2.3:h:mercury:mer1200g:-:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.14438

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-j22p-f8jx-q4g5